<%@ Page language="vb" CodeFile="settingsUser.aspx.vb" Inherits="settingsUser_aspx_vb" %>

<%
    rowNumber = 0
    If (Request.QueryString("do")) = Nothing Then 
        subDo = Request.QueryString("subDo")
        userID = Request.QueryString("userID")
        If CDbl(fragusLeasingUserID) > 1 Then 
            Response.Redirect("settingsUser.aspx?do=error")
        End IF
%>
<script type="text/javascript">
  function confirmSubmit() { 
	if (window.confirm('Are you sure you want to delete the user?')) {
		location.href='settingsUser.aspx?do=delete&userID=<%= userID %>';
		return false;
	}
	else {
		return false;
	}
  }
  </script>
<%
        If Len(userID) > 0 Then 
            userID = CLng(userID)
            dbOpen()
            RecSet = Conn.Execute("Select userTypeID, countryID, username, usr, pwd, ((Select Count(userID) From tblDealer Where userID = " & userID & ") + (Select Count(userID) From tblClient Where userID = " & userID & ") + (Select Count(userID) From tblDriver Where userID = " & userID & ") + (Select Count(userID) From tblVehicle Where userID = " & userID & ") + (Select Count(userID) From tblVehicleDocumentation Where userID = " & userID & ") + (Select Count(userID) From tblInvoice Where userID = " & userID & ") + (Select Count(userID) From tblGarage Where userID = " & userID & ") + (Select Count(userID) From tblClaim Where userID = " & userID & ")) As userCount From tblUser Where userID = " & userID & "")
            If RecSet.EOF Then 
                userID = ""
            Else
                dbUserTypeID = RecSet.Fields("userTypeID").Value
                dbCountryID = RecSet.Fields("countryID").Value
                dbUsername = RecSet.Fields("username").Value
                dbUsr = RecSet.Fields("usr").Value
                dbPwd = RecSet.Fields("pwd").Value
                dbUserCount = RecSet.Fields("userCount").Value
            End IF
            RecSet.Close()
            RecSet = Nothing
            dbClose()
        End IF
        Over()
        strJS = ""
        strJS = strJS + "[""countryID"", ""<1""],"
        strJS = strJS + "[""userTypeID"", ""<1""],"
        strJS = strJS + "[""username"", ""==''""],"
        strJS = strJS + "[""usr"", ""==''""],"
        strJS = strJS + "[""pwd"", ""==''""]"
        checkFields()
        Response.Write("<table cellpadding='0' cellspacing='0' border='0' width='1000'>")
        Response.Write("<tr>")
        Response.Write("<td valign='top'>")
        Response.Write("<table cellpadding='2' cellspacing='2' width='450'>")
        Response.Write("<tr><td class='headline' colspan='3'>USER SETTINGS<font color='#fcbc00'>" & subDo & "</font><hr class='hrHeadline'></td></tr>")
        Response.Write("<form action='settingsUser.aspx?do=save&userID=" & userID & "' method='post' onsubmit=""javascript:return checkFields();"">")
        Response.Write("<tr>")
        Response.Write("<td class='formBold'>Country:</td>")
        Response.Write("<td align='right'>")
        Response.Write("<select name='countryID' id='countryID'>")
        Response.Write("<option value=''> Select country  ")
        dbOpen()
        RecSet = Conn.Execute("Select countryID, country From tblCountry")
        If Not RecSet.EOF Then 
            Do Until RecSet.EOF
                countryID = RecSet.Fields("countryID").Value
                country = RecSet.Fields("country").Value
                Response.Write("<option value='" & countryID & "'")
                If dbCountryID = CStr(countryID) Then 
                    Response.Write(" selected='selected'")
                End IF
                Response.Write("> " & country & " ")
                RecSet.MoveNext()
            Loop
        End IF
        RecSet.Close()
        RecSet = Nothing
        dbClose()
        Response.Write("<option value=''> -------------------------------------- ")
        Response.Write("</select>")
        Response.Write("</td>")
        Response.Write("<td><div id='error_countryID' class='edit_error'>&laquo; OBS!</div></td>")
        Response.Write("</tr>")
        Response.Write("<tr>")
        Response.Write("<td class='formBold'>User type:</td>")
        Response.Write("<td align='right'>")
        Response.Write("<select name='userTypeID' id='userTypeID'>")
        Response.Write("<option value=''> Select user type  ")
        dbOpen()
        RecSet = Conn.Execute("Select userTypeID, userType From tblUserType")
        If Not RecSet.EOF Then 
            Do Until RecSet.EOF
                userTypeID = RecSet.Fields("userTypeID").Value
                userType = RecSet.Fields("userType").Value
                Response.Write("<option value='" & userTypeID & "'")
                If dbUserTypeID = CStr(userTypeID) Then 
                    Response.Write(" selected='selected'")
                End IF
                Response.Write("> " & userType & " ")
                RecSet.MoveNext()
            Loop
        End IF
        RecSet.Close()
        RecSet = Nothing
        dbClose()
        Response.Write("<option value=''> -------------------------------------- ")
        Response.Write("</select>")
        Response.Write("</td>")
        Response.Write("<td><div id='error_userTypeID' class='edit_error'>&laquo; OBS!</div></td>")
        Response.Write("</tr>")
        Response.Write("<tr><td class='formBold'>Name:</td><td align='right'><input type='text' name='username' id='username' size='40' maxlength='50' value='" & dbUsername & "'></td><td><div id='error_username' class='edit_error'>&laquo; OBS!</div></td></tr>")
        Response.Write("<tr><td class='formBold'>Username:</td><td align='right'><input type='text' name='usr' id='usr' size='40' maxlength='50' value='" & dbUsr & "'></td><td><div id='error_usr' class='edit_error'>&laquo; OBS!</div></td></tr>")
        Response.Write("<tr><td class='formBold'>Password:</td><td align='right'><input type='text' name='pwd' id='pwd' size='40' maxlength='50' value='" & dbPwd & "'></td><td><div id='error_pwd' class='edit_error'>&laquo; OBS!</div></td></tr>")
        Response.Write("<tr>")
        Response.Write("<td align='right' colspan='2'>")
        If CInt(dbUserCount) = 0 And CDbl(fragusLeasingUserTypeID) = 1 And Len(userID) > 0 And CInt(userID) <> 1 Then 
            Response.Write("<input type='button' value='Delete user' onClick='return confirmSubmit()'>&nbsp; ")
        End IF
        Response.Write("<input type='submit' value='Save'>")
        Response.Write("</td>")
        Response.Write("</tr>")
        Response.Write("</form>")
        Response.Write("<tr><td colspan='3'><hr class='hrHeadline'></td></tr>")
        Response.Write("</table>")
        Response.Write("</td>")
        Response.Write("<td width='100'></td>")
        Response.Write("<td valign='top'>")
        Response.Write("<table cellpadding='2' cellspacing='2' width='450'>")
        Response.Write("<tr><td class='headline' colspan='3'>EXISTING USERS<hr class='hrHeadline'></td></tr>")
        dbOpen()
        RecSet = Conn.Execute("Select u.userID, u.username, ut.userType, c.country from ((tblUser u INNER JOIN tblUserType ut ON ut.userTypeID = u.userTypeID) INNER JOIN tblCountry c ON c.countryID = u.countryID) Order by u.username")
        If RecSet.EOF Then 
            Response.Write("<tr><td><font color='red'>No users found.</font></td></tr>")
        Else
            Do Until RecSet.EOF
                userID = RecSet.Fields("userID").Value
                username = RecSet.Fields("username").Value
                userType = RecSet.Fields("userType").Value
                country = RecSet.Fields("country").Value
                If rowNumber = 0 Then 
                    strGrey = " bgcolor='#eeeeee'"
                    rowNumber = 1
                Else
                    strGrey = ""
                    rowNumber = 0
                End IF
                Response.Write("<tr" & strGrey & ">")
                Response.Write("<td><a href='settingsUser.aspx?userID=" & userID & "'>" & username & "</a></td>")
                Response.Write("<td algin='right'>" & userType & "</td>")
                Response.Write("<td algin='right'>" & country & "</td>")
                Response.Write("</tr>")
                RecSet.MoveNext()
            Loop
        End IF
        RecSet.Close()
        RecSet = Nothing
        dbClose()
        Response.Write("<tr><td colspan='3'><hr class='hrHeadline'></td></tr>")
        Response.Write("</table>")
        Response.Write("</td>")
        Response.Write("</tr>")
        Response.Write("</table>")
        Under()
    ElseIf Request.QueryString("do") = "save" Then 
        countryID = Request.Form("countryID")
        userTypeID = Request.Form("userTypeID")
        username = Request.Form("username")
        usr = Request.Form("usr")
        pwd = Request.Form("pwd")
        userID = Request.QueryString("userID")
        countryID = CLng(countryID)
        If Len(username) > 0 Then 
            username = Trim(username)
            username = Replace(CStr(username), "'", "")
            username = Replace(CStr(username), """", "")
            username = Replace(CStr(username), "<", "")
            username = Replace(CStr(username), ">", "")
            username = Replace(CStr(username), "=", "")
        End IF
        If Len(usr) > 0 Then 
            usr = Trim(usr)
            usr = Replace(usr, "'", "")
            usr = Replace(usr, """", "")
            usr = Replace(usr, "<", "")
            usr = Replace(usr, ">", "")
            usr = Replace(usr, "=", "")
        End IF
        If Len(pwd) > 0 Then 
            pwd = Trim(pwd)
            pwd = Replace(pwd, "'", "")
            pwd = Replace(pwd, """", "")
            pwd = Replace(pwd, "<", "")
            pwd = Replace(pwd, ">", "")
            pwd = Replace(pwd, "=", "")
        End IF
        If Len(userID) > 0 Then 
            userID = CLng(userID)
            dbOpen()
            Conn.Execute("Update tblUser Set userTypeID = " & userTypeID & ", countryID = " & countryID & ", username = '" & username & "', usr = '" & usr & "', pwd = '" & pwd & "' Where userID = " & userID & "")
            dbClose()
        Else
            dbOpen()
            Conn.Execute("Insert Into tblUser (userTypeID, countryID, username, usr, pwd) Values(" & userTypeID & "," & countryID & ",'" & username & "','" & usr & "','" & pwd & "')")
            dbClose()
        End IF
        Response.Redirect("settingsUser.aspx?subDo=%20-%20SAVED")
    ElseIf Request.QueryString("do") = "delete" Then 
        userID = Request.QueryString("userID")
        userID = CLng(userID)
        dbUserCount = 1
        dbOpen()
        RecSet = Conn.Execute("Select ((Select Count(userID) From tblDealer Where userID = " & userID & ") + (Select Count(userID) From tblClient Where userID = " & userID & ") + (Select Count(userID) From tblDriver Where userID = " & userID & ") + (Select Count(userID) From tblVehicle Where userID = " & userID & ") + (Select Count(userID) From tblVehicleDocumentation Where userID = " & userID & ") + (Select Count(userID) From tblInvoice Where userID = " & userID & ") + (Select Count(userID) From tblGarage Where userID = " & userID & ") + (Select Count(userID) From tblClaim Where userID = " & userID & ")) As userCount From tblUser Where userID = " & userID & "")
        dbUserCount = RecSet.Fields("userCount").Value
        RecSet.Close()
        RecSet = Nothing
        dbClose()
        If CInt(dbUserCount) = 0 And CDbl(fragusLeasingUserTypeID) = 1 Then 
            dbOpen()
            Conn.Execute("Delete From tblUser Where userID = " & userID & "")
            dbClose()
        End IF
        Response.Redirect("settingsUser.aspx?subDo=%20-%20DELETED")
    ElseIf Request.QueryString("do") = "error" Then 
        Over()
        Response.Write("<table cellpadding='0' cellspacing='0' border='0' width='100%'>")
        Response.Write("<tr>")
        Response.Write("<td valign='top'>")
        Response.Write("<table cellpadding='2' cellspacing='2' width='100%'>")
        Response.Write("<tr><td class='headline'>USER SETTINGS<font color='#fcbc00'> - ERROR</font><hr class='hrHeadline'></td></tr>")
        Response.Write("<tr>")
        Response.Write("<td>You do not have access to logon to this session.<br><br>Please contact the IT Director for more information.</td>")
        Response.Write("<tr><td colspan='3'><hr class='hrHeadline'></td></tr>")
        Response.Write("</table>")
        Response.Write("</td>")
        Response.Write("</tr>")
        Response.Write("</table>")
        Under()
    End IF
%>
